For the second year in a row, the most common password found in data breaches was “123456.” Needless to say, this is not what we’d call a “strong” password.
Password management firm SplashData has a list of the top 100 most commonly found passwords discovered in cleartext thanks to the many, many data breaches of 2017. “123456” tops the list, followed by “password,” followed by “12345678.” Not great, people!
Other popular passwords include “starwars,” various names (e.g. “robert,” “jordan,” or “andrew”), and some rather blue language (e.g., “asshole” or “fuckyou”).
Look: Coming up with strong passwords is hard. You have to use a bunch of weird symbols. You have to try to avoid the things like names and dates personal to you, but still have it be memorable enough you can log back into your cable company’s website once every six months without needing a password reset. And various institutions can have wildly different rules about what kind of passwords they allow.
But not using one, especially for anything even remotely sensitive, just means more headaches down the line if someone steals your identity. (Take it from someone who had to argue with an online payment vendor for two months about whether or not I bought $2,300 worth of shoes from Walmart in 2006.)
If you’re scanning that list of top 100 passwords and recognize some of your own on there, here’s one super simple New Year’s resolution: Learn how to use a password manager.